Walter,
I like your thinking. Very simple and secure. I have used this technique for
lots of stuff. You can make it a little smarter with the following example
using the listuser command. You can also use $GOD-RESTRICT in SECURCON to
secure GOD.PUB.VESOFT. Don't forget to add the withcaps config to your
STREAMX.DATA.VESOFT file. To properly secure this so users cannot see your
DB password you must secure the file, only allowing execute access to the
users who need it. I suggest an ACL and/or put it in an acct and group that
the user can't logon to and set execute to ANY and everything else to
account or group only access. The nohelp and nolist will prevent users from
seeing the code. I am pretty sure the nolist will prevent hpcmdtrace from
showing anything but, you may need to set that as well.
anyparm p1
option nohelp, nolist
if pos('PASS',ups('!p1'))>0
echo ERROR: You are not allowed to use the PASS option.
return
endif
if insidempex=0
run main.pub.vesoft;parm=3;info="xeq !hpfile !p1"
else
continue
withcaps 'sm',:listuser !p1
endif
Enjoy,
Joshua Johnson
-----Original Message-----
From: HP-3000 Systems Discussion [mailto:[log in to unmask]] On Behalf
Of Walter J. Murray
Sent: Sunday, April 12, 2009 3:26 PM
To: [log in to unmask]
Subject: [HP3000-L] How to see what's locked in a TurboIMAGE database
Greetings,
I am looking for a way to permit ordinary users (programmers and support
staff) to see who is using a TurboIMAGE database, and what locks are in
effect and are pending--the information you would see with DBUTIL using
SHOW ... USERS and SHOW ... LOCKS or SHOW ... ALL.
I have to work within these constraints: (1) Can't let them log on with
SM capability. (2) Can't let them log on as the database creator. (3)
Can't reveal the password on the MPEX GOD program. (4) Can't reveal the
password on DBUTIL.
Any suggestions? Any utility to do this?
My best idea so far is to set up a command file that would use the MPEX
%WITHCAPS command to grant SM capability temporarily, then run DBUTIL.
Walter
Walter J. Murray
* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
|